Actually, your script won't even work.

First of all, you check if the session logged is set to (int) 1. When he logged in, the session logged is set to (string) yes, so checking if it's set to 1, will always return FALSE.

Secondly, you check if $username is set, but he don't even have that variable, he uses $u and $p for username and password. So it's the same thing here, this will always return FALSE.

Lastly, I don't even get the point in checking your $username. You check to see if it's NOT set(=empty), and if it fullfills that requirement, you set the $username var to.. NOTHING, meaning.. you don't change the value at all.